- An up-and-coming cyber-security startup has suffered a particularly damaging ransomware breach.
- The actors were from the NetWalker group, and they threatened to release all stolen data in 13 days.
- The firm may have already paid the ransom, as the listing has disappeared from the actors’ website.
‘Cygilant’ is a contemporary “security as a service” firm that promises superior threat detection, immediate and effective response, as well as total compliance. However, it is currently suffering from the consequences of a successful ransomware attack launched against them by the NetWalker group.
As the chief financial officer, Christina Lattuca told the press:
Our Cyber Defense and Response Center team took immediate and decisive action to stop the progression of the attack. We are working closely with third-party forensic investigators and law enforcement to understand the full nature and impact of the attack. Cygilant is committed to the ongoing security of our network and to continue strengthening all aspects of our security program.
At first, the actors proceeded by leaking a portion of the stolen data on the dark web, essentially exposing Cygilant. That was mostly screenshots from the accessed directories, though, so it was purely done for coercion. However, this listing seems to have disappeared now, so it’s likely that the cybersecurity firm has paid the demanded ransom or reached some form of an agreement.
No one at Cygilant has confirmed this detail, so it is just an assumption based on the signs.
There’s nothing on Cygilant’s blog, press release section, or social media, but we guess that the firm will need some time to conclude its investigations before they proceed to share more about this with the world. For an internet security company, succumbing to hackers is a PR disaster and certainly undermines client trust, so explanations are bound to be given soon.
Cygilant is a company employing 84 people and has a revenue of $34 million. The actors’ initial threat was that they were going to publish the full data set in 13 days unless they got paid. Even if the company hasn’t published anything until then, we will get to know what actually happened.
All that said, it is worth noting that no matter what defenses are in place and how much one tries to protect systems against external threats, if you’re dealing with persistent actors, it is a matter of time before you find yourself breached. All it takes is the discovery of a zero-day flaw or a moment of carelessness by one of the employees. Thus, this occurrence doesn’t necessarily mean that Cygilant isn’t practicing what it preaches.